This present invention relates generally to the field of web browsers.
The emergence and development of computer networks and protocols, including the World Wide Web (or simply “the web”), now allows users to take advantage of a wide variety of web applications and services provided by different web sites. Common examples of such web services include, but are not limited to, electronic messaging services, social networking applications, and personal banking services. Web users can enjoy convenient and secure access to such applications and services by simply browsing to a web site using a web browser. A web service generally requires a user to register an account in order to use the features provided by the service. Users provide login credentials associated with the account, such as, for example, a unique username and password combination via a login form displayed on a login page generated by the web service. A web user typically uses many different web services. Consequently, the user must remember and manage many different sets of login credentials, which can become very difficult. In addition, manually typing a username and password each time before using a web service can become very tedious.
Many existing web browsers and browser add-ons try to assist users with multiple sets of login credentials (e.g., usernames and passwords) for logging into different web services by storing login information and automatically filling it into login forms upon navigation to a login page. However, existing solutions cause confusion and delay for users when accessing their everyday accounts. For example, solutions that automatically submit the login page on navigation involve a series of automatic actions taking place on the page, which leads to confusion for the user. In addition, there are latencies associated with submitting login information via the login form, waiting for a server response, and redirecting the user to their desired page.
A more insidious problem relates to phishing scams involving web site forgeries with forged login pages used to fraudulently acquire sensitive information from users. A phishing web site is made to appear virtually identical to the web service provider's actual web site in order to lure unsuspecting users into submitting their login credentials to the phishing site. Once the login credentials are obtained, they can be used to gain access to the user's web service account, which may be, for example, the user's personal banking account. Although solutions that automatically fill in login credentials for users may not fill in the fields displayed on a forged login page of a phishing site, most users would believe the problem is with their browsers, rather than with the site itself, and consequently, choose to manually fill in the fields on the forged login page.
Thus, users need a capability to manage multiple sets of login credentials corresponding to different web services and to be able to stay logged in at the web services without having to manually resubmit login credentials for each new session of a web service. Such users also need a capability to automatically submit login credentials as a background process without having to interact with or view a login page for each new session of the web service.